| Line 2... |
Line 2... |
| 2 |
# that use the containers/storage library.
|
2 |
# that use the containers/storage library.
|
| 3 |
# See man 5 containers-storage.conf for more information
|
3 |
# See man 5 containers-storage.conf for more information
|
| 4 |
# The "container storage" table contains all of the server options.
|
4 |
# The "container storage" table contains all of the server options.
|
| 5 |
[storage]
|
5 |
[storage]
|
| 6 |
|
6 |
|
| 7 |
# Default Storage Driver
|
7 |
# Default Storage Driver, Must be set for proper operation.
|
| 8 |
driver = "overlay"
|
8 |
driver = "overlay"
|
| 9 |
|
9 |
|
| 10 |
# Temporary storage location
|
10 |
# Temporary storage location
|
| 11 |
runroot = "/var/run/containers/storage"
|
11 |
runroot = "/run/containers/storage"
|
| 12 |
|
12 |
|
| 13 |
# Primary Read/Write location of container storage
|
13 |
# Primary Read/Write location of container storage
|
| 14 |
graphroot = "/var/lib/containers/storage"
|
14 |
graphroot = "/var/lib/containers/storage"
|
| 15 |
|
15 |
|
| 16 |
# Storage path for rootless users
|
16 |
# Storage path for rootless users
|
| Line 79... |
Line 79... |
| 79 |
# Set to skip a PRIVATE bind mount on the storage home directory.
|
79 |
# Set to skip a PRIVATE bind mount on the storage home directory.
|
| 80 |
# skip_mount_home = "false"
|
80 |
# skip_mount_home = "false"
|
| 81 |
|
81 |
|
| 82 |
# Size is used to set a maximum size of the container image.
|
82 |
# Size is used to set a maximum size of the container image.
|
| 83 |
# size = ""
|
83 |
# size = ""
|
| - |
|
84 |
|
| - |
|
85 |
# ForceMask specifies the permissions mask that is used for new files and
|
| - |
|
86 |
# directories.
|
| - |
|
87 |
#
|
| - |
|
88 |
# The values "shared" and "private" are accepted.
|
| - |
|
89 |
# Octal permission masks are also accepted.
|
| - |
|
90 |
#
|
| - |
|
91 |
# "": No value specified.
|
| - |
|
92 |
# All files/directories, get set with the permissions identified within the
|
| - |
|
93 |
# image.
|
| - |
|
94 |
# "private": it is equivalent to 0700.
|
| - |
|
95 |
# All files/directories get set with 0700 permissions. The owner has rwx
|
| - |
|
96 |
# access to the files. No other users on the system can access the files.
|
| - |
|
97 |
# This setting could be used with networked based homedirs.
|
| - |
|
98 |
# "shared": it is equivalent to 0755.
|
| - |
|
99 |
# The owner has rwx access to the files and everyone else can read, access
|
| - |
|
100 |
# and execute them. This setting is useful for sharing containers storage
|
| - |
|
101 |
# with other users. For instance have a storage owned by root but shared
|
| - |
|
102 |
# to rootless users as an additional store.
|
| - |
|
103 |
# NOTE: All files within the image are made readable and executable by any
|
| - |
|
104 |
# user on the system. Even /etc/shadow within your image is now readable by
|
| - |
|
105 |
# any user.
|
| - |
|
106 |
#
|
| - |
|
107 |
# OCTAL: Users can experiment with other OCTAL Permissions.
|
| - |
|
108 |
#
|
| - |
|
109 |
# Note: The force_mask Flag is an experimental feature, it could change in the
|
| - |
|
110 |
# future. When "force_mask" is set the original permission mask is stored in
|
| - |
|
111 |
# the "user.containers.override_stat" xattr and the "mount_program" option must
|
| - |
|
112 |
# be specified. Mount programs like "/usr/bin/fuse-overlayfs" present the
|
| - |
|
113 |
# extended attribute permissions to processes within containers rather then the
|
| - |
|
114 |
# "force_mask" permissions.
|
| - |
|
115 |
#
|
| - |
|
116 |
# force_mask = ""
|
| 84 |
|
117 |
|
| 85 |
[storage.options.thinpool]
|
118 |
[storage.options.thinpool]
|
| 86 |
# Storage Options for thinpool
|
119 |
# Storage Options for thinpool
|
| 87 |
|
120 |
|
| 88 |
# autoextend_percent determines the amount by which pool needs to be
|
121 |
# autoextend_percent determines the amount by which pool needs to be
|